Geek-Guy.com

Category: Data loss

Auto Added by WPeMatico

AI, Data loss, Global Security News, Google, Instagram, Law & order

Smashing Security podcast #451: I hacked the government, and your headphones are next

In episode 451 of “Smashing Security,” we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more – and then helpfully posted screenshots (and even someone’s blood type) on an account called “I hacked the government.” Plus we discuss how researchers uncovered a creepy flaw that lets attackers hijack wireless headphones, listen…

Read more →

Amazon, Data loss, Europe, Global Security News, Podcast, Ransomware, vulnerability

Smashing Security podcast #448: The Kindle that got pwned

Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader – potentially letting an attacker break into your account and seize control of your credit card. Plus a blast from 2021’s “summer of ransomware” returns to haunt…

Read more →

Data loss, Global Security News, malware, Podcast, privacy, Security threats

Smashing Security podcast #446: A hacker doxxes himself, and social engineering-as-a-service

A teenage cybercriminal posts a smug screenshot to mock a sextortion scammer… and accidentally hands over the keys to his real-world identity. Meanwhile, we look into the crystal ball for 2026 and consider how stolen data is now the jet fuel of cybercrime – and how next year could be even nastier than 2025. Plus,…

Read more →

data breach, Data loss, Global Security News, Guest blog, malware, Ransomware

Asahi cyber attack spirals into massive data breach impacting almost 2 million people

Asahi Group Holdings, the makers of the popular Japanese beer Asahi Super Dry, has confirmed that the ransomware attack that disrupted its operations in late September also saw a significant data breach that affects more than 1.5 million customers and approximately 275,000 current and former employees and their families. Read more in my article on…

Read more →

Data loss, Global Security News, Guest blog, Law & order, malware, Mobile

State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns

CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. Read more in my article on the Hot for Security blog.

Read more →

crowdstrike, data breach, Data loss, Global Security News, Podcast

Smashing Security podcast #445: The hack that brought back the zombie apocalypse

America’s airwaves are haunted by zombies again, as we dig into a decade of broadcasters leaving their hardware open to attack, giving hackers the chance to hijack TV shows, blast out fake emergency alerts, and even replace religious sermons with explicit furry podcasts. Meanwhile, we look at how a worker at a cybersecurity firm allegedly…

Read more →

Data loss, Global Security News, malware, Podcast, privacy

Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?

Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. We examine a refreshingly honest breach response (and why legacy systems are still going to ruin your week), dig into a nasty hotel-booking malware campaign that abuses trust in apps and CAPTCHAs,…

Read more →

data breach, Data loss, extortion, Global Security News, Guest blog, Ransom

A miracle: A company says sorry after a cyber attack – and donates the ransom to cybersecurity research

One of the sad truths about this world of seemingly endless hacks and data breaches is that companies just won’t apologise. Even when customers, partners, and employees are left wondering when their data will be published by malicious hackers on the dark web, breached organisations will seemingly do everything they can to avoid saying what…

Read more →

AI, api, Artificial Intelligence, Data loss, Global Security News, Guest blog

Leading AI companies accidentally leak their passwords and digital keys on GitHub – what you need to know

Many of the world’s top artificial intelligence companies are making a simple but dangerous mistake. They are accidentally publishing their passwords and digital keys on GitHub, the popular code-sharing website that is used by millions of developers every day. Read more in my article on the Fortra blog.

Read more →

Data loss, Global Security News, Law & order, Podcast, privacy, vulnerability

Smashing Security podcast #441: Inside the mob’s million-dollar poker hack, and a Formula 1 fumble

Basketball stars have allegedly joined forces with the mafia to fleece high-rollers in a poker scam involving hacked shufflers, covert cameras, and an X-ray card table. Meanwhile, researchers have found they could poke around an FIA driver portal to pull up the personal details of Formula 1 megastars. All this and more is discussed in…

Read more →

Data loss, Global Security News, Guest blog, Law & order, Podcast, Security threats

Smashing Security podcast #440: How to hack a prison, and the hidden threat of online checkouts

A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral, and how new PCI DSS rules are finally muzzling Magecart-style skimmers. Plus: Graham reveals his new-found superpower with Keyboard Maestro,…

Read more →

data breach, Data loss, Global Security News, Guest blog, Law & order

John Bolton charged over classified emails after Iranian hack of his AOL account

Former US national security adviser John Bolton is the latest in a line of Donald Trump’s critics to find themselves on the sharp end of charges from the US Department of Justice. Bolton, who left the White Hose in 2021 and wrote a tell-all memoir describing Trump as unfit for office and “stunningly uninformed,” has…

Read more →

Data loss, Global Security News, malware, Podcast, privacy, Ransomware

Smashing Security podcast #438: When your mouse turns snitch, and hackers grow a conscience

Your computer’s mouse might not be as innocent as it looks – and one ransomware crew has a crisis of conscience that nobody saw coming. We talk about how something as ordinary as a web page could turn your mouse into a surprisingly nosey neighbour, and why ransomware gangs need to think carefully about their…

Read more →

AI, data breach, Data loss, Global Security News, Podcast, vulnerability

Smashing Security podcast #437: Salesforce’s trusted domain of doom

Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed “ForcedLeak”, let them smuggle AI-read instructions in via humble Web-to-Lead form… and ended up spilling data for the low, low price of five dollars. And we discuss why data breach communicationss still default to “we take security seriously” while quietly implying “assume…

Read more →

Android, Data loss, encryption, Exploits, Global Security News, Guest blog, iOS

Your favourite phone apps might be leaking your company’s secrets

Most of the apps on your phone are talking to a server somewhere – sending and receiving data through messages sent through APIs, the underlying infrastructure that allows apps to communicate. And here’s the problem – hackers have determined that the APIs of mobile apps, when left visible and exploitable, can be a goldmine. Read…

Read more →

Data loss, Global Security News, Law & order, malware, Podcast, Ransomware

Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware

Ransomware doesn’t just freeze computers – it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” has wriggled its way through more than 180 npm packages,…

Read more →

critical infrastructure, Data loss, Global Security News, Guest blog, Law & order, Security threats

Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure

A 30‑year‑old man has been charged with launching a cyberattack on the German subsidiary of Russia’s state-owned oil giant Rosneft. The cyberattack, which happened in March 2022 in the aftermath of Russia’s invasion of Ukraine, crippled the company’s operations and cost millions of euros in damages. Read more in my article on the Exponential-e blog.

Read more →

Data loss, encryption, Global Security News, Microsoft, phishing, Podcast

Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner

We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault. Then we time-hope to the post-quantum scramble: “harvest-now, decrypt later”, Microsoft’s 2033 quantum-safe pledge, and whether your printer will survive…

Read more →

Data loss, Global Security News, Guest blog, Hunters International, malware, Ransomware

Hunters International ransomware group shuts down – but will it regroup under a new guise?

The notorious Hunters International ransomware-as-a-service operation has announced that it has shut down, in a message posted on its dark web leak site. In a statement on its extortion site, the ransomware group says that it has not only “decided to close the Hunters International project” but is also offering free decryption tools to its…

Read more →

critical infrastructure, data breach, Data loss, Global Security News, Instagram, Law & order, Podcast, Portugal, Smashing Security, spain

Smashing Security podcast #418: Grid failures, Instagram scams, and Legal Aid leaks

In this week’s episode, Graham investigates the mysterious Iberian Peninsula blackout (aliens? toaster? cyberattack?), Carole dives in the UK legal aid hack that exposed deeply personal data of society’s most vulnerable, and Dinah Davis recounts how Instagram scammers hijacked her daughter’s account – and how a parental control accidentally saved the day.

Read more →

Data loss, Global Security News, Law & order, malware, Marks and Spencer, Podcast, Ransomware, Smashing Security

Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woe

Brits face empty shelves and suspended meal deals as cybercriminals hit major high street retailers, and a terminated Disney employee gets revenge with a little help with Wingdings. Plus Graham challenges Carole to a game of “Malware or metal?”, and we wonder just happens when you have sex on top of a piano? All this…

Read more →

data breach, Data loss, Global Security News, Guest blog, Spyware

21 million employee screenshots leaked in bossware breach blunder

If you thought only your boss was peeking at your work screen, think again. Employee-monitoring tool Work Composer has committed a jaw-dropping blunder, leaving a treasure trove of millions of workplace screenshots openly accessible on the internet with no encryption in place, and no password required. Read more in my article on the Hot for…

Read more →

Data loss, Global Security News, Guest blog, malware, sim swap, South Korea

Hackers access sensitive SIM card data at South Korea’s largest telecoms company

Mobile network operator SK Telecom, which serves approximately 34 million subscribers in South Korea, has confirmed that it suffered a cyber attack earlier this month that saw malware infiltrate its internal systems, and access data related to customers’ SIM cards. Read more in my article on the Hot for Security blog.

Read more →

data breach, Data loss, Global Security News, Guest blog, insurance

Insurance firm Lemonade warns of breach of thousands of driving license numbers

A data breach at insurance firm Lemonade left the details of thousands of drivers’ licenses exposed for 17 months. According to the company, on March 14 2025 Lemonade learnt that a vulnerability in its online car insurance application process contained a vulnerability that was likely to have exposed “certain driver’s license numbers for identifiable individuals.”…

Read more →

data breach, Data loss, Global Security News, Law & order, malware, Podcast, postal, Ransomware, Smashing Security, snail mail

Smashing Security podcast #408: A gag order backfires, and a snail mail ransom demand

What happens when a healthcare giant’s legal threats ignite a Streisand Effect wildfire… while a ransomware gang appears to ditch the dark web for postage stamps? Find out about this, and more, in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Read more →

AI, Artificial Intelligence, data breach, Data loss, Global Security News, Law & order, malware, Podcast, Ransomware, sim swap, Smashing Security, Twitter

Smashing Security podcast #404: Podcast not found

The story of how hackers managed to compromise the US Government’s official SEC Twitter account to boost the price of Bitcoins, AI isn’t helping reduce the rife conspiracy theories inside classrooms, and is the funeral bell tolling for ransomware? All this and more is discussed in the latest edition of the “Smashing Security” podcast by…

Read more →

Coinbase, data breach, Data loss, Global Security News, malware, Podcast, powerschool, QR code, Ransomware, Smashing Security, VPN

Smashing Security podcast #403: Coinbase crypto heists, QR codes, and ransomware in the classroom

In episode 403 of “Smashing Security” we dive into the mystery of $65 million vanishing from Coinbase users faster than J-Lo slipped into Graham’s DMs, Geoff gives a poor grade for PowerSchool’s security, and Carole takes a curious look at QR codes. All this and more is discussed in the latest edition of the “Smashing…

Read more →

Botnet, Data loss, Denial of Service, Global Security News, kidnap, Law & order, malware, Operating Systems, Podcast, privacy, Remote access trojan, Smashing Security, Social networks, Spyware

Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps

What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee’s actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings. All…

Read more →